ClawHub

Web Profiler

Security checks across malware telemetry and agentic risk

Overview

This appears to be a local command-line logging tool for profiling notes, with disclosed local storage but overstated profiler wording.

Install only if you want a local profiling notes/history tool, not a full Symfony web profiler. Avoid entering secrets, request bodies, credentials, private URLs, or production incident details unless you are comfortable with them being stored under ~/.local/share/web-profiler and possibly exported later.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

High
Confidence
97% confidence
Finding
The advertised skill claims to be a Symfony/web-request profiler, but the implementation is a generic local data collection utility with broad commands unrelated to profiling. This mismatch is dangerous because it can mislead users into supplying operationally sensitive input that is then retained on disk, indicating deceptive functionality rather than an accidental implementation gap.

Description-Behavior Mismatch

High
Confidence
99% confidence
Finding
The core commands do not inspect web requests, Symfony state, Twig templates, or components; they simply append arbitrary user input into per-command log files under the user's home directory. In the context of a supposedly diagnostic developer tool, this creates a covert persistence channel for any secrets, tokens, paths, prompts, or internal data a user passes, with no functional justification tied to the stated skill purpose.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The documentation does not clearly warn, up front, that user-supplied profiling entries and exports are persistently written to local files. In the context of profiling web requests, inputs commonly contain sensitive operational data such as endpoints, headers, SQL, stack traces, memory metrics, or incident notes, so silent persistence increases the risk of accidental retention and later exposure via local access, backups, or exported files.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script persistently stores user-provided input to local log files without clear warning in the help text or comments, so users may unknowingly expose credentials, URLs, request bodies, or other sensitive development data. This is particularly risky here because the skill presents itself as a web profiler, making users more likely to input sensitive debugging context they would not expect to be archived verbatim.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal